Quando você pensar na InComm Payments, pense em tecnologia inovadora de pagamentos. Fomos fundados há mais de 30 anos e continuamos a ser pioneiros na indústria de pagamentos (FinTech). Desde a nossa criação estamos em continuo crescimento e somos uma equipe de mais de 3.000 funcionários em mais de 34 países ao redor do mundo. Possuímos mais de 400 patentes técnicas globais e uma rede que inclui mais de 525.000 pontos de distribuição no varejo que apontam para nossa experiência no setor. A InComm Payments está altamente focada em nosso pessoal e em seu crescimento, e trabalhamos duro para tornar a sua carreira significativa e gratificante. Valorizamos a inovação, a qualidade, a paixão, a integridade e a responsabilidade em tudo o que fazemos e procuramos pessoas excelentes para se juntarem à nossa equipa à medida que avançamos em direção a um futuro muito brilhante. Antecipamos o desenvolvimento de futuros líderes para nossas equipes no Brasil!
Information Security Engineer III
Location
Australia
Posted
7 days ago
Salary
0
Seniority
Mid Level
Job Description
Information Security Engineer III
InComm Payments
Role Description As an Information Security Engineer III, you will work on securing applications across InComm Payments by integrating security tools into CI/CD pipelines, conducting threat modeling, and supporting incident response. The role involves: - Integrating SAST tooling into CI/CD pipelines, ensuring compatibility and efficient scanning within development workflows. - Providing tailored SAST integration support for development teams at varying maturity levels with diverse toolsets and security requirements. - Analyzing application logs for anomalous patterns, communicating findings to leadership, and persuading them to take appropriate action. - Participating in on-call rotation in support of WAF incidents. - Validating security vulnerabilities identified by automated tools and fine-tuning configurations to minimize false positives and reduce noise. - Developing threat models with development teams to help expose risks in their deliverables. - Conducting regular assessments of security configurations and controls within Azure, AWS, and OCI environments. - Assisting in investigating security incidents with CSOC and implementing corrective actions. - Participating in application design and architectural reviews. - Facilitating activities such as blue/red team events and bug bounty programs. - Leading prioritization discussions to gain traction on important security issues. - Acting as a liaison with 3rd parties performing vulnerability scans and penetration testing to validate findings and inform priorities and strategies for remediation. - Drafting, evaluating, and monitoring compliance with application and development security standards. - Ensuring development teams are validating for OWASP Top 10 and performing industry-leading application security practices. Qualifications - 5+ years of application security experience. - Strong background with CI/CD processes and associated tooling, such as Jenkins, GitHub Actions, Azure Pipelines, or similar. - Strong scripting experience – PowerShell, Python, etc. - Extensive experience with SAST & DAST application scanning tools and knowledge of OWASP methodologies. - Application security experience with high-level programming languages (e.g., Java, C, C++, C#, VB, .NET, ASP.NET, ASP, PHP, J2EE, JSP). - Experience with Container technologies – Docker, Docker Swarm, Kubernetes. - Experience in cloud security, specifically with Azure, AWS, and OCI, preferably in the Fintech or related sectors and multi-cloud environments. - Knowledge of Web Application Firewalls (WAF). - Experience with Identity and Access Management security solutions and protocols (e.g., SAML, OpenID, and OAuth). - Experience with performing web, API, and mobile manual penetration testing; preparing reports to document findings; and presenting the report to development teams. - Familiarity with regulatory controls and industry best practices such as HIPAA, PCI, HiTrust, NIST etc. - Communication skills to create documentation, videos, and conduct training classes. - Ability to manage multiple tasks simultaneously and meet established deadlines. - Ability to collaborate with IT teams on security-related tasks and projects. - Ability to work productively while remote and communicate effectively in a virtual team environment. - Ability to stay current with new technology. Company Description InComm Payments is a pioneer in the payment (FinTech) industry, founded over 30 years ago. We have grown to a team of over 3,000 employees in 35 countries, owning over 400 global technical patents and a network that includes over 525,000 points of retail distribution. We work with the most recognized and valued brands in the world and are highly focused on our people and their growth, valuing innovation, quality, passion, integrity, and responsibility.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
• Lead and deliver complex security engagements centered on Azure Security, Identity & Access Management (IAM), and Microsoft Purview / AI Governance. • Serve as a principal-level architect, thought leader, and trusted advisor who shapes secure cloud, data, and AI governance strategies for enterprise clients while remaining deeply engaged in delivery. • Provide senior technical leadership across multiple strategic client engagements. Lead executive and architectural design sessions, define target-state security architectures, and guide delivery teams through implementation with a strong focus on quality, scalability, and measurable business outcomes. • Act as a trusted advisor to client stakeholders, including security, infrastructure, data, and executive leaders. Shape security roadmaps, advise on operating models and governance, and bring forward innovative perspectives on Azure security, identity modernization, data protection, and AI governance. • Remain hands-on in delivery while overseeing complex programs from strategy through implementation. Partner with delivery leadership to align milestones, manage technical risk, remove blockers, and ensure successful outcomes across architecture, implementation, and adoption phases. • Design and lead implementation of enterprise security architectures across Azure and hybrid environments, including Microsoft Entra ID, Conditional Access, Identity Protection, Privileged Identity Management (PIM), role-based access control, Zero Trust controls, workload protection, and security monitoring patterns aligned to least privilege and strong governance. • Lead engagements focused on Microsoft Purview, information protection, data security posture management, data loss prevention, compliance, and governance for Copilot, AI applications, and AI agents. Help clients establish secure and compliant approaches for data access, policy enforcement, monitoring, lifecycle management, and responsible AI enablement. • Contribute approximately 25-30% of role capacity to sales enablement and solution development activities. Partner with account teams and solution leaders to shape opportunities, lead discovery conversations, develop solution approaches, support estimates and statements of work, contribute to proposals, and articulate differentiated value in client pursuits. • Help scale the security practice through reusable assets, reference architectures, accelerators, and delivery standards. Mentor architects and engineers, coach teams on emerging Microsoft security capabilities, and strengthen organizational readiness across Azure security, identity, data governance, and AI security disciplines.
Role Description Intetics Inc., глобальна технологічна компанія, що надає послуги з розробки програмного забезпечення на замовлення, створення розподілених команд, оцінки якості програмних продуктів та all-things-digital рішень, шукає Incident Editorial Specialist до нашої команди. Приєднуйтесь до нашої редакційної команди нічної зміни та працюйте з редагуванням дорожніх інцидентів у реальному часі для глобальної картографічної платформи. Попередній досвід не потрібен - ми надаємо повне навчання. Це чудова можливість розпочати кар’єру в IT та отримати досвід роботи на міжнародних проєктах. Це повна зайнятість у віддаленому форматі. Ви працюватимете з даними англійською мовою, застосовуючи чіткі правила та зберігаючи концентрацію під час нічних змін. Qualifications - Рівень англійської від B1+ - Висока уважність до деталей, особливо в умовах обмеженого часу - Впевнена робота з кількома вкладками/вікнами, швидкий набір тексту - Пунктуальність, зосередженість і надійність - критично важливі для нічної роботи
Offensive Security Supervisor
DeepSeasFirst & only Managed Detection & Response solution covering all attack surfaces for enterprises & the mid-market.
• The Offensive Security Supervisor bridges hands-on technical delivery with day-to-day team leadership. • This is a senior individual contributor role does not carry formal people management responsibilities but plays a critical role in keeping the team running smoothly, maintaining quality standards, and developing junior consultants. • Supervisors are expected to remain active technical contributors while serving as the first point of escalation for the team during the Manager's absence or when dealing with engagement-level challenges.
Offensive Security Specialist
DeepSeasFirst & only Managed Detection & Response solution covering all attack surfaces for enterprises & the mid-market.
• Conduct internal and external network penetration tests including enumeration, exploitation, lateral movement, and post-exploitation within defined scope. • Perform web application assessments aligned to OWASP Top 10 and API security testing standards. • Conduct basic cloud security assessments (AWS, Azure, GCP) including misconfiguration identification, IAM review, and exposed services enumeration. • Support AI/LLM security assessments including prompt injection, model abuse scenarios, and OWASP LLM Top 10 coverage under senior guidance. • Produce complete, client-ready findings reports with clear technical narratives, reproduction steps, risk ratings, and remediation guidance. • Participate in client kick-off calls and debrief walkthroughs, communicating findings professionally to technical and non-technical stakeholders. • Maintain accurate engagement documentation, time tracking, and artifact organization in project management systems. • Pursue continuous development through assigned training, lab environments, and certification advancement. • May be required to travel up to 50% of the time. • Must be a US Citizen.
